Enterprise Apps

Apr 23, 2015

You can create your own application connectors in App Controller. You
can create either a Security Assertion Markup Language (SAML) connector or an
HTTP Federated Formfill connector.

When you build a connector, you use the logon web address for the URL.
For example, you want to add LinkedIn to your application list. Go to
http://www.linkedin.com and then click
Sign in. When the logon page appears, copy the
web address and then paste the web address in the
URL field in the Configure App wizard in App
Controller.

Building SAML Connectors

App Controller enables you to build either a SAML 1.1 or SAML 2.0
connector. SAML connectors are used for web applications that support the SAML
protocol for SSO. The Generic SAML connector enables you to create your own
SAML connector for applications that support the SAML protocol. App Controller
supports the identity provider (IdP) SSO for SAML applications.

Building HTTP Federated Formfill Connectors

App Controller can use Formfill to automatically enter user
credentials in the application’s logon page. When users connect to a SaaS
application, the web browser displays the logon form and then redirects users
to the SaaS application. When you to add a new Formfill connector to the
existing catalog, you must provide information about the application that you
want to add. After you successfully configure the connector, you can then
configure the connector for SSO. The Formfill connector supports applications
that:

Obtain the user name and
password and submit the credentials to the application without verifying the
information again.

Set the application
cookies when users request the logon page. The cookies set the attributes that
change for each logon request for the application.

Building Enterprise Applications

You can create enterprise application connectors from the
Apps & Docs tab in the App Controller
management console. When you create an enterprise app, you create the app and
the Formfill connector at the same time.

Users log on to enterprise apps by using SSO. You can also configure
user account management for enterprise applications, as well as policies for
the connector.

To create an
enterprise application

In the
management console, click the
Apps
& Docs tab.

Under
Apps &
Docs > APPS, click
Web
& SaaS and then click the plus (+) sign in the right pane.

In the
catalog, click
New
enterprise app.

On the
Details page, complete the following:

In
App name, type a name for the app.

In
Description, enter a description for the app.

Note: If you
want to configure a second app with the same web address, you must give the app
a different name.

In
URL, type the web address for the app. Precede the
web address with http or https.

Select
App is hosted on internal network if the app is
running on a server that resides in your internal network.

To obtain
user credentials from Active Directory, click
Use Active Directory for SSO.

Select
Require app installation if users connect to the app
from a mobile device. This setting requires users to download and install the
app to their device.

In
Category, select the category from the list.

In
Assigned role, select the role. This is a mandatory
field.

In
Image, select the default Citrix logo or select
Upload to add your own logo to the logon page and
then click
Next.

If you
want to upload your own logo, click
Browse and then navigate to the logo on your device.

Note: The
graphic you upload must be of the type PNG. You cannot upload a GIF or JPEG
graphic. When you add a custom graphic, you cannot change it at a later time.

Click
Next.

On the
Workflow page, configure the following if you need
approval for creating user accounts:

Select
Requires Approval and then either create a new
workflow or select an existing workflow.

If you
create a new workflow, in
Workflow name, enter a name for the workflow and
then click
Next.
If
you choose not to add or configure a workflow, click
Next and go to Step 7.

Under
Manager Approvals, in
Levels of manager approval, select the number of
levels required for manager approval of the user account.

Under
Additional Approvers, in
Enter additional required approvers, enter the name
of the approver.

Approver
names originate from Active Directory.

When the
approver's name appears in the text field, click the name and then click the
plus (+) symbol.

The
approver's name and email address appears in
Selected Approver.

Click
Next.

On the
Policies page, configure any of the following:

Under
Device Security, in
Block jailbroken or rooted, click the toggle to
Off to allow this app to work on a compromised
mobile device.

The
default is
On, which does not allow the app to work on a
compromised mobile device.